6月23日-每日安全知识热点-茶余饭后-看雪-安全社区|安全招聘|kanxue.com

6月23日-每日安全知识热点

发表于: 2016-6-23 11:36 1541

6月23日-每日安全知识热点

ktpd

2016-6-23 11:36

1541

技术类:

Yves Younan.发现的pidgin的漏洞汇总
6e4K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6Q4x3X3g2@1j5h3I4G2M7$3W2F1N6r3g2D9i4K6u0W2j5$3!0E0i4K6u0r3x3U0l9I4y4W2)9J5c8U0l9$3i4K6u0r3N6Y4g2D9L8X3g2J5j5h3u0A6L8r3W2@1P5g2)9J5k6s2y4H3L8%4c8D9K9h3N6Z5N6q4)9J5k6s2m8A6k6r3N6A6L8W2)9J5k6h3S2@1L8h3H3`.

Linux Kernel ROP - Ropping your way to # (Part 2)
8adK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2@1M7Y4g2K6N6s2N6S2N6X3g2Q4x3X3g2U0L8$3#2Q4x3V1k6d9k6i4y4G2N6i4u0U0k6i4y4Q4x3V1k6e0M7r3W2V1k6i4u0x3j5h3u0K6i4K6u0V1b7X3I4G2k6#2)9J5c8V1I4A6L8Y4g2^5i4K6u0V1d9$3g2J5L8X3g2D9i4K6u0V1f1V1!0b7i4K6u0V1i4K6u0V1i4K6u0V1f1X3!0H3M7r3W2F1k6#2)9J5k6s2W2G2N6i4u0Q4x3X3c8%4j5i4W2Q4x3X3c8@1L8#2)9J5k6q4)9J5k6q4)9J5k6q4)9J5z5q4m8S2M7Y4c8Q4x3X3b7J5i4K6t1&6i4K6u0r3

高级操作系统课程
d18K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3y4Y4K9g2)9J5k6h3c8A6i4K6u0W2N6h3!0S2i4K6u0W2k6%4u0Q4x3V1k6Q4y4@1g2E0k6h3#2S2i4K6u0r3j5$3!0#2M7Y4y4W2M7#2)9J5c8X3#2V1k6e0f1I4z5q4)9J5c8X3@1I4x3U0u0Q4x3X3g2Z5N6r3#2D9

为什么大公司不部署“read team"(指攻击方)?
a33K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6&6j5h3S2G2L8#2)9J5k6s2y4W2j5%4g2J5K9i4c8&6i4K6u0W2N6s2g2E0j5X3I4J5i4K6u0W2j5$3!0E0i4K6u0r3M7r3!0K6N6q4)9J5c8U0p5@1y4U0x3I4z5o6M7$3y4U0b7&6y4g2)9J5c8Y4N6Z5j5i4c8K6i4K6u0V1K9h3&6Q4x3X3c8S2i4K6u0V1M7X3g2V1i4K6u0V1N6r3g2S2L8g2)9J5k6r3q4F1k6q4)9J5k6s2N6Z5P5g2)9J5k6r3q4J5k6h3&6@1i4K6u0V1j5$3!0E0M7r3q4F1K9h3g2K6

分析从DNC被黑服务器中提取的恶意软件
694K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4c8Z5M7X3g2S2N6r3N6W2k6h3E0Q4x3X3g2U0L8$3#2Q4x3V1j5J5x3o6p5$3i4K6u0r3x3o6k6Q4x3V1k6V1L8X3y4Q4y4h3k6#2M7r3c8S2N6r3g2Q4x3X3g2Z5N6r3#2D9

设计一个xctf 2016的badge
00dK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3W2J5M7e0g2Q4x3X3g2A6L8#2)9J5c8U0t1H3x3e0k6Q4x3V1j5H3y4W2)9J5c8U0t1J5i4K6u0r3k6r3g2K6K9h3N6F1K9h3&6Y4i4K6u0V1N6r3S2W2i4K6u0V1P5q4)9J5k6r3y4@1k6W2)9J5k6o6t1H3x3e0k6Q4x3X3c8T1j5h3c8Y4k6g2)9J5c8R3`.`.

关于payload Staging的入门介绍
3a2K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6Q4x3X3g2U0L8$3u0S2L8s2c8K6N6s2u0A6K9$3g2Q4x3X3g2U0L8$3#2Q4x3V1j5J5x3o6p5$3i4K6u0r3x3o6k6Q4x3V1j5J5x3W2)9J5c8Y4c8S2L8r3E0Q4x3X3c8@1L8#2)9J5k6s2W2G2N6i4u0Q4x3X3c8U0K9r3W2D9k6s2u0W2L8W2)9J5k6r3q4T1L8%4g2@1i4K6u0V1M7r3q4&6L8r3!0S2k6q4)9J5k6s2y4@1j5h3N6A6L8X3N6Q4x3V1j5`.

在audio开发中常见的4种错误
713K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3q4@1j5i4y4@1P5i4m8A6P5r3g2D9i4K6u0W2j5$3!0E0i4K6u0r3j5X3I4G2k6#2)9J5c8X3k6G2N6i4u0Q4x3X3c8U0L8$3#2E0L8$3&6Q4x3X3c8E0K9i4y4@1j5h3E0W2M7#2)9J5k6r3W2F1i4K6u0V1j5i4g2V1K9h3!0Q4x3X3c8V1k6i4k6W2L8r3!0H3L8h3g2F1N6q4)9J5c8R3`.`.

通过配置AsyncOS来提高email服务器的安全性
872K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6K6i4K6u0W2j5$3W2K6j5$3!0Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5c8X3q4K6P5h3&6U0L8%4y4Q4x3X3b7I4x3q4)9J5k6o6m8Q4x3X3c8X3L8%4u0Q4x3X3c8U0K9i4y4U0L8#2)9J5k6r3g2E0j5h3W2D9i4K6u0V1M7$3g2U0N6i4u0A6N6s2V1`.

Nemucod恶意欺诈勒索软件使用javascript和php结合来影响用户
805K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3&6W2N6%4y4Q4x3X3g2K6L8$3k6@1M7r3g2V1K9h3q4Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6i4N6K6i4K6u0r3L8X3g2E0N6h3y4G2k6q4)9J5k6s2u0S2L8Y4y4G2L8i4N6S2M7X3g2Q4x3X3c8#2M7$3g2K6i4K6u0V1K9X3q4$3j5i4y4U0M7X3W2H3N6q4)9J5k6r3q4F1k6q4)9J5k6s2m8Z5M7q4)9J5k6r3y4G2L8X3y4G2j5%4c8A6L8$3&6Q4x3X3c8@1L8#2)9J5k6r3W2F1k6X3g2U0N6q4)9J5k6s2g2K6k6i4u0K6i4K6u0V1y4e0l9#2y4o6R3$3i4K6u0W2M7$3S2@1L8h3H3`.

32bit的 Chrome/Firefox在64bit windows上的高地址堆喷射
2f4K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6Q4x3X3g2K6K9%4W2D9K9h3&6W2k6q4)9J5k6h3&6D9i4K6u0r3x3U0l9I4y4U0l9$3x3U0t1H3x3o6q4Q4x3X3g2Z5N6r3#2D9

介绍windows PFN数据库
f7aK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4u0W2K9$3q4D9L8q4)9J5k6r3k6G2M7X3g2F1M7$3W2U0i4K6u0W2j5X3I4G2k6%4y4H3L8%4c8Q4x3X3g2U0K9q4)9J5c8U0t1H3x3e0k6Q4x3V1j5H3y4g2)9J5c8Y4u0W2K9$3q4D9L8q4)9J5k6r3q4F1k6q4)9J5k6s2N6A6L8X3c8G2N6%4y4Q4x3X3c8H3k6X3&6Q4x3X3c8V1j5i4c8S2j5X3q4K6k6g2)9J5k6h3S2@1L8h3H3`.

分析PlugX Builder
981K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6Q4x3X3g2U0P5h3u0W2M7Y4y4W2j5%4g2J5K9i4c8&6i4K6u0V1j5h3W2J5j5Y4g2K6k6s2y4Q4x3X3g2U0L8$3#2Q4x3V1k6H3L8%4y4@1i4K6u0r3x3U0l9I4y4W2)9J5c8U0l9$3i4K6u0r3c8$3g2@1N6r3W2F1k6#2)9J5k6r3q4Q4x3X3c8b7L8s2g2Y4h3q4)9J5k6r3u0#2K9h3I4V1k6i4t1`.

Linux - ecryptfs 和 /proc/$pid/environ 提权poc
1d8K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2W2P5s2m8D9L8$3W2@1i4K6u0V1k6r3u0Q4x3X3g2U0L8$3#2Q4x3V1k6W2P5s2m8D9L8$3W2@1M7#2)9J5c8U0x3&6z5e0V1J5i4K6u0r3

Necurs, Dridex, 和 Locky恶意欺诈家族的最近动向
241K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3#2S2L8s2N6S2M7X3g2@1k6h3y4Z5i4K6u0W2j5$3!0E0i4K6u0r3x3U0l9I4y4W2)9J5c8U0l9$3i4K6u0r3N6$3S2S2N6s2y4Q4x3X3c8Z5j5i4m8H3k6h3&6A6L8X3N6Q4x3X3c8%4K9i4c8Z5i4K6u0V1L8X3g2U0N6i4u0K6i4K6u0V1k6s2u0A6k6r3g2^5i4K6u0V1j5h3&6V1i4K6u0W2K9s2c8E0L8l9`.`.

CylancePROTECT® vs. PlugX:JTB数据泄露影响793万日本人
079K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4i4K6u0W2j5%4W2D9j5h3&6U0k6g2)9J5k6h3y4G2L8g2)9J5c8X3y4&6L8r3q4F1j5$3g2H3M7X3!0@1k6h3y4@1i4K6u0V1N6Y4y4Q4x3X3c8H3L8s2g2Y4P5l9`.`.

‘GODLESS’ 移动恶意软件使用多个exploit来root手机
48fK9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3u0D9L8$3N6Q4x3X3g2@1M7X3g2F1k6r3#2A6j5%4u0G2i4K6u0W2j5$3!0E0i4K6u0r3N6s2u0W2L8X3c8D9j5h3u0K6i4K6u0V1M7$3g2U0N6i4u0A6N6s2W2Q4x3X3c8A6L8Y4c8W2L8r3I4A6k6$3g2F1j5$3g2Q4x3V1k6Y4L8$3c8D9k6i4y4K6i4K6u0V1L8h3!0T1K9h3I4W2i4K6u0V1L8h3q4D9N6$3q4J5k6g2)9J5k6s2g2K6k6i4y4Q4x3X3c8E0N6h3I4@1K9i4m8D9k6g2)9J5k6r3g2^5M7r3I4G2K9i4c8K6i4K6u0V1M7X3!0G2N6q4)9J5k6r3c8W2N6X3W2U0k6i4y4Q4x3V1j5`.

流行的动漫站点Jkanime 被黑,访问者被指向NEUTRINO EK
c5bK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6T1L8r3!0Y4M7#2)9J5k6h3k6G2M7X3y4W2M7r3!0A6L8Y4c8Q4x3X3g2U0L8$3#2Q4x3V1k6K6k6h3y4#2M7X3W2@1P5g2)9J5k6r3I4S2j5Y4y4Q4x3V1k6Z5K9h3N6Z5L8s2W2Q4x3X3c8H3L8%4m8#2L8r3q4J5i4K6u0V1j5h3&6A6L8h3g2Q4x3X3c8K6K9i4c8W2i4K6u0V1K9X3E0S2L8X3W2E0k6g2)9J5k6r3y4G2L8i4m8J5L8$3#2A6M7$3g2V1i4K6u0V1M7X3g2V1K9i4u0W2j5%4c8A6L8X3N6Q4x3X3c8#2M7$3g2J5M7#2)9J5k6r3&6W2N6i4c8J5K9h3&6G2i4K6u0V1k6h3D9`.

资讯类:
黑客窃取美国1亿5千400万投票人记录
799K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8X3&6W2N6%4y4Q4x3X3g2K6L8$3k6@1M7r3g2V1K9h3q4Q4x3X3g2U0L8$3#2Q4x3V1k6F1k6i4N6K6i4K6u0r3K9r3q4U0K9$3g2J5M7#2)9J5k6r3u0J5k6h3q4U0K9q4)9J5k6s2g2K6i4K6u0V1j5$3!0E0M7r3q4F1P5g2)9J5k6r3q4F1k6q4)9J5k6s2g2F1N6$3W2@1N6r3W2F1k6$3I4&6i4K6u0V1k6i4S2H3L8%4y4W2i4K6u0V1x3e0f1@1i4K6u0V1L8h3W2D9L8r3W2G2L8W2)9J5k6s2k6G2N6r3g2J5i4K6u0V1M7X3g2U0L8%4u0V1M7#2)9J5k6o6f1H3y4e0f1#2x3#2)9J5k6i4y4Z5N6r3#2D9

Carbonite在线备份账号遭受密码重用攻击
bf3K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4c8Z5k6i4u0W2k6$3W2K6N6r3g2J5i4K6u0W2j5$3!0Q4x3X3g2#2K9#2)9J5c8U0t1H3x3e0k6Q4x3V1j5H3y4W2)9J5c8U0t1J5i4K6u0r3j5$3q4J5j5X3!0F1K9i4c8W2i4K6g2X3j5h3y4U0L8%4g2F1N6s2y4Q4y4h3k6H3j5i4y4K6N6$3!0J5k6q4)9#2k6Y4u0W2N6i4y4W2i4K6g2X3j5i4c8@1j5h3y4C8i4K6u0r3i4K6y4r3N6i4c8E0i4K6g2X3M7$3!0#2M7X3y4W2i4K6y4p5k6r3I4$3M7W2)9J5k6h3W2@1i4K6t1$3N6i4c8E0i4K6g2X3L8h3g2V1K9i4g2E0i4K6y4p5N6s2N6A6N6s2c8W2M7R3`.`.

庞大的黑客攻击后,这些首席执行官们均给予加薪
4d8K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6i4A6V1L8X3g2@1i4K6u0W2j5$3!0E0i4K6u0r3j5i4u0@1K9h3y4D9k6g2)9J5c8X3q4X3N6r3g2J5i4K6u0V1K9s2g2Y4k6g2)9J5k6r3S2S2j5$3E0K6i4K6u0V1N6r3S2W2M7$3g2Q4x3X3c8U0K9r3W2W2k6W2)9J5k6r3g2^5k6h3y4#2N6r3W2$3k6i4y4Q4x3X3c8%4k6i4u0W2i4K6u0V1k6$3W2$3k6h3&6Q4x3X3c8S2i4K6u0V1M7X3q4A6M7$3g2Q4x3V1j5`.

NUCLEAR, ANGLER EXPLOIT KIT活动消失
254K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6@1K9s2u0W2j5i4c8H3L8%4y4@1i4K6u0W2j5$3!0E0i4K6u0r3L8Y4g2U0L8r3g2S2M7W2)9J5k6r3q4F1k6$3I4W2M7W2)9J5k6r3g2^5M7r3I4G2K9i4c8Q4x3X3c8C8K9i4c8Q4x3X3c8S2j5%4c8A6N6X3W2@1P5g2)9J5k6r3S2S2M7#2)9J5k6r3c8A6M7$3q4H3M7r3g2S2M7X3g2V1i4K6u0r3x3e0p5^5z5o6b7J5i4K6u0r3

数据泄露消息:
山东省联通手机/IMEI泄露

[培训]内核驱动高级班，冲击BAT一流互联网大厂工作，每周日13:00-18:00直播授课

#资讯

收藏・0

免费・0

支持